tests: Hotspot 2.0 and failures during profile configuration

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2016-07-04 12:15:15 +03:00
parent af52992a37
commit 604f559ae4
3 changed files with 290 additions and 1 deletions

View File

@ -106,6 +106,7 @@ radius_accept_attr=89:s:macacl-cui-test
"mschap user" TTLS-MSCHAP "password" [2]
"DOMAIN\mschapv2 user" TTLS-MSCHAPV2 hash:8846f7eaee8fb117ad06bdd830b7586c [2]
"hs20-test" TTLS-MSCHAPV2 "password" [2]
"hs20-test-with-domain@example.com" TTLS-MSCHAPV2 "password" [2]
"utf8-user" TTLS-MSCHAPV2 "secret-åäö-€-password" [2]
"utf8-user-hash" TTLS-MSCHAPV2 hash:bd5844fad2489992da7fe8c5a01559cf [2]

View File

@ -4443,3 +4443,291 @@ def test_ap_hs20_anqp_invalid_gas_response(dev, apdev):
raise Exception("No ANQP-QUERY-DONE seen")
if "result=SUCCESS" not in ev:
raise Exception("Unexpected result: " + ev)
def test_ap_hs20_set_profile_failures(dev, apdev):
"""Hotspot 2.0 and failures during profile configuration"""
bssid = apdev[0]['bssid']
params = hs20_ap_params()
params['hessid'] = bssid
params['anqp_3gpp_cell_net'] = "555,444"
hapd = hostapd.add_ap(apdev[0], params)
dev[0].hs20_enable()
dev[0].scan_for_bss(bssid, freq="2412")
id = dev[0].add_cred_values({ 'realm': "example.com",
'domain': "example.com",
'username': "test",
'password': "secret",
'eap': 'TTLS' })
interworking_select(dev[0], bssid, "home", freq=2412)
dev[0].dump_monitor()
dev[0].request("NOTE ssid->eap.eap_methods = os_malloc()")
with alloc_fail(dev[0], 1, "interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].remove_cred(id)
id = dev[0].add_cred_values({ 'realm': "example.com",
'domain': "example.com",
'username': "hs20-test-with-domain@example.com",
'password': "password" })
interworking_select(dev[0], bssid, "home", freq=2412)
dev[0].dump_monitor()
dev[0].request("NOTE anon = os_malloc()")
with alloc_fail(dev[0], 1, "interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE Successful connection with cred->username including realm")
dev[0].request("INTERWORKING_CONNECT " + bssid)
dev[0].wait_connected()
dev[0].remove_cred(id)
dev[0].wait_disconnected()
id = dev[0].add_cred_values({ 'realm': "example.com",
'domain': "example.com",
'username': "hs20-test",
'password': "password" })
interworking_select(dev[0], bssid, "home", freq=2412)
dev[0].dump_monitor()
dev[0].request("NOTE anon = os_malloc() (second)")
with alloc_fail(dev[0], 1, "interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
with alloc_fail(dev[0], 1, "wpa_config_add_network;interworking_connect"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
with alloc_fail(dev[0], 1, "=interworking_connect"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE wpa_config_set(eap)")
with alloc_fail(dev[0], 1, "wpa_config_parse_eap;wpa_config_set;interworking_connect"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE wpa_config_set(TTLS-NON_EAP_MSCHAPV2-phase2)")
with alloc_fail(dev[0], 1, "wpa_config_parse_str;wpa_config_set;interworking_connect"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].remove_cred(id)
id = dev[0].add_cred_values({ 'roaming_consortium': "112233",
'domain': "example.com",
'username': "hs20-test",
'password': "password",
'eap': 'TTLS',
'phase2': "auth=MSCHAPV2" })
interworking_select(dev[0], bssid, "home", freq=2412)
dev[0].dump_monitor()
dev[0].request("NOTE anon = os_strdup()")
with alloc_fail(dev[0], 2, "interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE wpa_config_set_quoted(anonymous_identity)")
with alloc_fail(dev[0], 1, "=wpa_config_set_quoted;interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE Successful connection with cred->realm not included")
dev[0].request("INTERWORKING_CONNECT " + bssid)
dev[0].wait_connected()
dev[0].remove_cred(id)
dev[0].wait_disconnected()
id = dev[0].add_cred_values({ 'roaming_consortium': "112233",
'domain': "example.com",
'realm': "example.com",
'username': "user",
'password': "password",
'eap': 'PEAP' })
interworking_select(dev[0], bssid, "home", freq=2412)
dev[0].dump_monitor()
dev[0].request("NOTE id = os_strdup()")
with alloc_fail(dev[0], 2, "interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE wpa_config_set_quoted(identity)")
with alloc_fail(dev[0], 1, "=wpa_config_set_quoted;interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].remove_cred(id)
id = dev[0].add_cred_values({ 'roaming_consortium': "112233",
'domain': "example.com",
'realm': "example.com",
'username': "user",
'password': "password",
'eap': "TTLS" })
interworking_select(dev[0], bssid, "home", freq=2412)
dev[0].dump_monitor()
dev[0].request("NOTE wpa_config_set_quoted(identity) (second)")
with alloc_fail(dev[0], 2, "=wpa_config_set_quoted;interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE wpa_config_set_quoted(password)")
with alloc_fail(dev[0], 3, "=wpa_config_set_quoted;interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
with alloc_fail(dev[0], 1, "wpa_config_add_network;interworking_connect_roaming_consortium"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
with alloc_fail(dev[0], 1, "=interworking_connect_roaming_consortium"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].remove_cred(id)
id = dev[0].add_cred_values({ 'roaming_consortium': "112233",
'domain': "example.com",
'realm': "example.com",
'username': "user",
'eap': "PEAP" })
dev[0].set_cred(id, "password", "ext:password");
interworking_select(dev[0], bssid, "home", freq=2412)
dev[0].dump_monitor()
dev[0].request("NOTE wpa_config_set(password)")
with alloc_fail(dev[0], 3, "wpa_config_set;interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
with alloc_fail(dev[0], 1, "interworking_set_hs20_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].remove_cred(id)
id = dev[0].add_cred_values({ 'realm': "example.com",
'domain': "example.com",
'username': "certificate-user",
'phase1': "include_tls_length=0",
'domain_suffix_match': "example.com",
'ca_cert': "auth_serv/ca.pem",
'client_cert': "auth_serv/user.pem",
'private_key': "auth_serv/user.key",
'private_key_passwd': "secret" })
interworking_select(dev[0], bssid, "home", freq=2412)
dev[0].dump_monitor()
dev[0].request("NOTE wpa_config_set_quoted(client_cert)")
with alloc_fail(dev[0], 2, "=wpa_config_set_quoted;interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE wpa_config_set_quoted(private_key)")
with alloc_fail(dev[0], 3, "=wpa_config_set_quoted;interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE wpa_config_set_quoted(private_key_passwd)")
with alloc_fail(dev[0], 4, "=wpa_config_set_quoted;interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE wpa_config_set_quoted(ca_cert)")
with alloc_fail(dev[0], 5, "=wpa_config_set_quoted;interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE wpa_config_set_quoted(domain_suffix_match)")
with alloc_fail(dev[0], 6, "=wpa_config_set_quoted;interworking_set_eap_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
with alloc_fail(dev[0], 1, "interworking_set_hs20_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].remove_cred(id)
id = dev[0].add_cred_values({ 'imsi': "555444-333222111", 'eap': "SIM",
'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123"})
interworking_select(dev[0], bssid, freq=2412)
dev[0].dump_monitor()
with alloc_fail(dev[0], 1, "interworking_set_hs20_params"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE wpa_config_set_quoted(password;milenage)")
with alloc_fail(dev[0], 2, "=wpa_config_set_quoted;interworking_connect_3gpp"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE wpa_config_set(eap)")
with alloc_fail(dev[0], 1, "wpa_config_parse_eap;wpa_config_set;interworking_connect_3gpp"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE set_root_nai:wpa_config_set(identity)")
with alloc_fail(dev[0], 1, "wpa_config_parse_str;interworking_connect_3gpp"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].remove_cred(id)
id = dev[0].add_cred_values({ 'roaming_consortium': "112233",
'username': "user@example.com",
'password': "password" })
interworking_select(dev[0], bssid, freq=2412)
dev[0].dump_monitor()
dev[0].request("NOTE Interworking: No EAP method set for credential using roaming consortium")
dev[0].request("INTERWORKING_CONNECT " + bssid)
dev[0].remove_cred(id)
hapd.disable()
params = hs20_ap_params()
params['nai_realm'] = "0,example.com,25[3:26]"
hapd = hostapd.add_ap(apdev[0], params)
id = dev[0].add_cred_values({ 'realm': "example.com",
'domain': "example.com",
'username': "hs20-test",
'password': "password" })
interworking_select(dev[0], bssid, freq=2412)
dev[0].dump_monitor()
dev[0].request("NOTE wpa_config_set(PEAP/FAST-phase1)")
with alloc_fail(dev[0], 1, "wpa_config_parse_str;wpa_config_set;interworking_connect"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE wpa_config_set(PEAP/FAST-pac_interworking)")
with alloc_fail(dev[0], 2, "wpa_config_parse_str;wpa_config_set;interworking_connect"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].request("NOTE wpa_config_set(PEAP/FAST-phase2)")
with alloc_fail(dev[0], 3, "wpa_config_parse_str;wpa_config_set;interworking_connect"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
hapd.disable()
params = hs20_ap_params()
params['nai_realm'] = "0,example.com,21"
hapd = hostapd.add_ap(apdev[0], params)
interworking_select(dev[0], bssid, freq=2412)
dev[0].request("NOTE wpa_config_set(TTLS-defaults-phase2)")
with alloc_fail(dev[0], 1, "wpa_config_parse_str;wpa_config_set;interworking_connect"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
hapd.disable()
params = hs20_ap_params()
params['nai_realm'] = "0,example.com,21[2:3]"
hapd = hostapd.add_ap(apdev[0], params)
interworking_select(dev[0], bssid, freq=2412)
dev[0].request("NOTE wpa_config_set(TTLS-NON_EAP_MSCHAP-phase2)")
with alloc_fail(dev[0], 1, "wpa_config_parse_str;wpa_config_set;interworking_connect"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
hapd.disable()
params = hs20_ap_params()
params['nai_realm'] = "0,example.com,21[2:2]"
hapd = hostapd.add_ap(apdev[0], params)
interworking_select(dev[0], bssid, freq=2412)
dev[0].request("NOTE wpa_config_set(TTLS-NON_EAP_CHAP-phase2)")
with alloc_fail(dev[0], 1, "wpa_config_parse_str;wpa_config_set;interworking_connect"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
hapd.disable()
params = hs20_ap_params()
params['nai_realm'] = "0,example.com,21[2:1]"
hapd = hostapd.add_ap(apdev[0], params)
interworking_select(dev[0], bssid, freq=2412)
dev[0].request("NOTE wpa_config_set(TTLS-NON_EAP_PAP-phase2)")
with alloc_fail(dev[0], 1, "wpa_config_parse_str;wpa_config_set;interworking_connect"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
hapd.disable()
params = hs20_ap_params()
params['nai_realm'] = "0,example.com,21[3:26]"
hapd = hostapd.add_ap(apdev[0], params)
interworking_select(dev[0], bssid, freq=2412)
dev[0].request("NOTE wpa_config_set(TTLS-EAP-MSCHAPV2-phase2)")
with alloc_fail(dev[0], 1, "wpa_config_parse_str;wpa_config_set;interworking_connect"):
dev[0].request("INTERWORKING_CONNECT " + bssid)
wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
dev[0].remove_cred(id)

View File

@ -367,7 +367,7 @@ class WpaSupplicant:
quoted = [ "realm", "username", "password", "domain", "imsi",
"excluded_ssid", "milenage", "ca_cert", "client_cert",
"private_key", "domain_suffix_match", "provisioning_sp",
"roaming_partner", "phase1", "phase2" ]
"roaming_partner", "phase1", "phase2", "private_key_passwd" ]
for field in quoted:
if field in params:
self.set_cred_quoted(id, field, params[field])